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PRELIMINARY AMENDMENT 

Honorable Commissioner of Patents 

and Trademarks 
Washington, D.C. 20231 

Sir: 

Please amend the subject application, filed concurrently herewith, as 
indicated below: 
IN THE TITLE: 

Please cancel the title in its entirety and substitute the following new title: 
-SECURE MULTIPLICATION PROXY-; 
IN THE SPECIFICATION: 

Page 1 , after the title and before the first paragraph, insert the following title 
at the left-hand margin: 
- FIELD OF THE INVENTION -: 

Page 1 , at line 6, before the second paragraph, insert the following heading at 
the left-hand margin: 
— DESCRIPTION OF RELATED ART -: 
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Page 2, at line 14, before the paragraph beginning "In order to eliminate...", 
insert the following heading at the left-hand margin: 
- SUMMARY OF THE INVENTION —: 

Page 4, at line 1 , before the first paragraph, insert the following heading: 
- BRIEF DESCRIPTION OF THE DRAWINGS -: 

Page 4, at line 13, before the paragraph beginning "Referring to Fig. 1 
insert the following paragraph at the left-hand margin: 
- DESCRIPTION OF THE PREFERRED EMBODIMENT^ --: 

Page 10, after line 2, please insert the following new paragraph. 
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—While this invention has been described in conjunction with specific 
embodiments thereof, it is evident that many alternatives, modifications and 
variations will be apparent to those skilled in the art. Accordingly, the preferred 
embodiments of the invention as set forth herein, are intended to be illustrative, not 
limiting. Various changes may be made without departing from the true spirit and full 
scope of the invention as set forth herein and defined in the claims. — 
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IN THE CLAIMS: 

Please delete claims 1 - 6 in their entirety and without prejudice and 
insert the following new claims: 



?>==. 
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1 -7. A method for allowing a client application (1 6) to establish, in a client 

2 network (10), a first connection having a first security level, directly with a first port 

3 (1) of a server application (17) hosted in a server machine (13) linked to a server 

4 network (1 1 ), in order to send messages (30) addressed to the server machine (13), 

5 said messages (30) passing from the client network (10) to the server network (11) 

6 through a network layer (CR) of a gateway machine (9), characterized in that it 

7 comprises: 

OS - creating a second port (3) in the gateway machine (9); 

jp 9 - ordering the network layer (CR) of the gateway machine (9) to reroute to the 

fp-0 second port (3) any message sent to the first port (1), addressed to the server 

JL1 machine (13); 

h*- 2 - listening to the second port (3) to detect a request to establish said first 

ML3 connection and; 

G-4 - generating, in the gateway machine (9), a thread for establishing said first 

pi; 

15 connection when a request to establish said first connection is detected in the 

16 second port (3). 

1 8. A method according to claim 7, further comprising: 

2 - defining a third port (2) of the server application (17) for receiving at least 

3 one of the messages (30) with a second security level; and whereas said thread 

4 comprises; 

5 - establishing said first connection in a first phase with a first security level in a 

6 first interface associated with the second port (3) and with said request; 

7 - establishing in a second phase a second connection with a second level of 
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8 security in a second interface to the third port (2) in the server machine (13); 

9 - writing with the second security level in the second interface any message 

10 read in the first interface with the first security level in a third phase, and; 

11 - writing with the first security level in the first interface any message read in 

12 the second interface with the second security level in a fourth phase. 



1 9. A method according to claim 8, characterized in that it comprises: 

2 - ordering the network layer (CR) of the gateway machine (9) to delete any 
f5 3 message sent to the third port (2). 

St* 

Jl 1 0. A method according to claim 7, characterized in that the steps of 

lit 

2 creating and ordering are executed automatically by a first process of the gateway 

3 machine (9) and in that said first process generates a second process that executes 
u 4 the third and the fourth step. 

1 1 1 . A method according to claim 8, characterized in that the steps of 

2 creating and ordering are executed automatically by a first process of the gateway 

3 machine (9) and in that said first process generates a second process that executes 

4 the third and the fourth step. 



1 12. A method according to claim 1 0, further comprising automatically 

2 executing the steps of creating, rerouting and deleting by a first process of the 

3 gateway machine (9) and generating by said first process a second process that 

4 executes the steps of listening and generating a thread. 
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1 1 3. A method according to claim 1 1 , further comprising automatically 

2 executing the steps of creating, rerouting and deleting by a first process of the 

3 gateway machine (9) and generating by said first process a second process that 

4 executes the steps of listening and generating a thread.. 

1 14. A method for allowing a client application (16) to establish in a client 

2 network (10) a first connection having a first security level, directly with a first port (1) 

3 of a server application (1 7) hosted in a server machine (13) linked to a server 

4 network (1 1 ), in order to send messages (30) addressed to the server machine (1 3), 

O 

p 5 said messages (30) passing from the client network (1 0) to the server network (11) 

W 6 through a network layer (CR) of a gateway machine (9), characterized in that it 

^ 7 consists of activating, in the gateway machine, a secure application proxy that 

^ 8 reroutes the messages from the first connection, in a way that is transparent for the 

Jl 9 client application, in order to establish a second connection having a second security 

FJLO level with the server application, said second connection being unknown to said 

NL1 client application.- 
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IN THE ABSTRACT: 

Please delete the Abstract at page 13 and substitute the following Abstract. 
5 The Abstract showing the changes made using brackets is appended as an 
attachment to this Preliminary Amendment. 




3; 5 
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-- ABSTRACT 

A client application (16) establishes in a client network (10), a first connection 
having a first security level, directly with a first port (1) of a server application (17) 
hosted in a server machine (13) linked to a server network (11), in order to send 
messages addressed to the server machine (13). The messages pass from the 
client network (10) to the server network (1 1) through a network layer (CR) of a 
gateway machine (9). In the gateway machine, a secure application proxy reroutes 
the messages from the first connection, in a way that is transparent for the client 
application, and establishes a second connection having a second security level with 
the server application; the second connection is unknown to the client application. -- 
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REMARKS 

This Preliminary Amendment is filed to insert headings to conform the 
application to U.S. practice, to correct informalities in the specification, claims and 
abstract resulting from a literal translation of the French text, and to eliminate the 
5 use of multiple dependent claims. 

Early action on the merits is earnestly solicited. 

Respectfully submitted, 

MILES & STOCKBRIDGE P.C. 



SI 5 



Date: September 1 1 . 2001 




;io Fax: 703/610-8686 



1751 Pinnacle Drive — Suite 500 
McLean, VA 22102-3833 
Tel.: 703/903-9000 



TYSO01'9151874w0IT2147-907407l0aM0«)1 



10 




■ * T2147-907461-US3878/JMD(PCT) 

Amended ABSTRACT showing the changes by bracketing: 

ABSTRACT 

[MULTILEVEL SECURITY RELAY] 

A client application (16) establishes in a client network (10), a first connection 
2 5 having a first security level, directly with a first port (1 ) of a server application (17) 
hosted in a server machine (13) linked to a server network (11), in order to send 
messages addressed to the server machine (13). The messages pass from the 
client network (10) to the server network (1 1) through a network layer (CR) of a 
^ gateway machine (9). In the gateway machine, a secure application proxy reroutes 
S 0 the messages from the first connection, in a way that is transparent for the client 
h% application, and establishes a second connection having a second security level with 

B the server application; the second connection is unknown to the client application. 

en 

h [Fi9 ' 1] 

f=% 
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